PLATFORM SECURITY,SOFTWARE SECURITY
Phosphorus | December 13, 2022
Phosphorus, the leading provider of proactive and full-scope security for the extended Internet of Things (xIoT), today announced new security features that will enable organizations to discover and monitor their networks for the presence of xIoT devices that the U.S. government deems a significant security risk. The new features also include the capability to remotely disable and remove the devices from the network.
Phosphorus’s security update follows the FCC’s ban on the sale or importation of devices made by several Chinese manufacturers that it considers to pose “an unacceptable risk to national security of the United States or the security or safety of United States persons.” The Covered List includes video surveillance and telecommunications equipment produced by Huawei Technologies, ZTE Corporation, Hytera Communications, Hangzhou Hikvision Digital Technology, and Dahua Technology (and their subsidiaries and affiliates).
“The Phosphorus xIoT Security Platform is the industry’s only solution that can discover the presence of these prohibited devices and remotely render them inert at scale. “These unique capabilities will empower enterprises and government organizations across the U.S. to discover, disable, and remove banned or potentially dangerous devices from their enterprise environments.”
John Vecchi, Chief Marketing Officer at Phosphorus
Advanced Discovery Capability
A recent study by Phosphorus’s global research division, Phosphorus Labs, found that organizations consistently struggle to identify all of their xIoT devices – this means many companies may not realize they have banned devices lurking inside their networks. According to its research, 80% of enterprise security teams can’t identify the majority of their xIoT devices and customer estimates of xIoT inventories are consistently off by 40-60%.
Phosphorus’s Enterprise xIoT Security Platform has unique capabilities for discovering xIoT assets, and it is the only technology platform able to communicate with these devices (ranging from security cameras to PLCs) in their native languages. This enables a high degree of accuracy, granularity, and speed when discovering and analyzing these devices to create comprehensive inventories of xIoT assets that include device type, brand, model, firmware version, credential status, default/enabled protocols, certificate status, and more.
Disabling and Isolating High-Risk Devices
Phosphorus empowers organizations by giving them direct control over every single device in their wide-ranging xIoT deployments. Through the platform’s Hardening and Remediation capabilities, organizations can update and rotate a device’s credentials, manage firmware, disable remote services, turn off unnecessary connectivity features, check for valid certificates, and reboot the device.
For organizations that have detected banned xIoT technologies in their networks, specific device-level actions such as changing passwords, disabling services and reducing connectivity will be critical for limiting the potential risks of these devices prior to their removal from the network.
World’s First and Only Proactive xIoT Security Platform
Phosphorus’s Enterprise xIoT Security Platform is the industry’s only consolidated xIoT security offering, delivering state-of-the-art Attack Surface Management, Hardening and Remediation, and Detection and Response across the full range of IoT, OT, and Network-connected devices – spanning both new and legacy devices.
For the first time in industry history, teams in IT, Facilities, and Security are able to collaborate on a single platform to safely discover, assess, remediate, and monitor their xIoT devices. Phosphorus is now the solution of choice for enterprises to secure devices that were previously unknown or overlooked, beginning with fundamental xIoT security hygiene.
The company’s Enterprise xIoT Security Platform is currently deployed in Fortune 100, Fortune 500, and government networks.
ABOUT PHOSPHORUS
Phosphorus Cybersecurity® is the leading xTended Security of Things™ platform designed to secure the rapidly growing and often unmonitored Things across the enterprise xIoT landscape. Our Enterprise xIoT Security Platform delivers Attack Surface Management, Hardening & Remediation, and Detection & Response to bring enterprise xIoT security to every cyber-physical Thing in your enterprise environment. With unrivaled xIoT discovery and posture assessment, Phosphorus automates the remediation of the biggest IoT, OT, and Network device vulnerabilities—including unknown and inaccurate asset inventory, out-of-date firmware, default credentials, risky configurations, and out-of-date certificates.
Read More
DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY
DTEX Systems | December 21, 2022
DTEX Systems, the Workforce Cyber Intelligence & Security Company™, today announced that one of the world’s leading application performance and cloud security vendors has selected DTEX InTERCEPT to secure patents, protect business process innovation, and prevent data loss.
DTEX InTERCEPT™ is a first-of-its-kind Workforce Cyber Security solution that brings together the capabilities of Insider Threat Management, User and Entity Behavior Analytics, Digital Forensics, and Zero Trust DLP in an all-in-one lightweight, cloud-native platform. Only DTEX InTERCEPT delivers the behavioral context and activity intelligence that answers the Who, What, When, Where, Why, and How related to any potential insider threat situation, compromised account event or data loss scenario without invading personal privacy.
In the face of changing global economic conditions, the increasing risk of corporate espionage, and a pending corporate reduction in force action, the application performance and cloud security vendor prioritized an immediate review of existing insider risk and data loss prevention technology. The vendor’s legal team was heavily involved in the RFP and vendor evaluation processes to ensure employee privacy would be protected as part of the adoption of any insider risk and data loss prevention solution in compliance with the European Union’s GDPR and California’s Privacy Rights Act (CPRA). After exhaustive review of DTEX InTERCEPT’s patented metadata collection model, the vendor’s legal, IT and, cyber security teams selected DTEX to replace its existing first-generation insider risk and data loss prevention solutions globally.
DTEX InTERCEPT’s seamless integration with the application performance and cloud security vendor’s NGAV system, as well as its innovative Zero Trust approach to data loss prevention were also deciding factors in the enterprises choice to standardize on DTEX InTERCEPT across all enterprise workstations and servers. Upon selection, a senior cyber security executive said, “DTEX is a proven solution that won’t break our systems.”
“It is incredibly gratifying to have our insider risk and data loss prevention technology chosen by a fellow cyber security vendor. In this case, it was again the uniqueness of our data set and ability to keep employee data private, while delivering dynamic, contextual human behavior visibility that was the deciding factor in the customer’s decision. “Likewise, a peer’s decision to adopt our technology makes a strong statement that traditional solutions focused on machine intelligence are insufficient to protect data in today’s distributed workforce reality. The difference is most definitely human.”
Bahman Mahbod, CEO at DTEX Systems
About DTEX Systems
DTEX Systems helps hundreds of organizations worldwide better understand their workforce, protect their data, and make human-centric operational investments. Its Workforce Cyber Intelligence & Security platform brings together next-generation Zero Trust DLP, UEBA, digital forensics, user activity monitoring and insider threat management in one scalable, cloud-native platform. Through its patented and privacy-compliant meta-data collection and analytics engine, the DTEX platform surfaces abnormal behavioral “indicators of intent” to mitigate risk of data and IP loss, enabling SOC enrichment with human sensors and empowering enterprises to make smarter business decisions quickly.
Read More
PLATFORM SECURITY,SOFTWARE SECURITY
Vijilan Security | January 17, 2023
Vijilan, a leading provider of cybersecurity services, announced that it had become a CrowdStrike Powered Service Provider (CPSP) partner. As a CPSP partner, Vijilan will offer managed observability services and managed endpoint detection and response (EDR) powered by the CrowdStrike Falcon platform to its partner communities of managed service providers and IT professionals.
CrowdStrike has transformed security with the CrowdStrike Falcon platform, a unified security platform with a single, lightweight agent that safeguards and empowers the people, processes, and technologies that drive modern enterprise. CrowdStrike protects the most important areas of enterprise risk, such as cloud workloads and endpoints, identity and data, to keep customers ahead of the latest adversaries and stop breaches.
As a CPSP partner, Vijilan will provide the following:
Managed Endpoint Detection and Response: With leading EDR at its center, CrowdStrike correlates third-party and native cross-domain telemetry to provide unprecedented investigative efficiency, high-confidence detections, and quick, confident responses from one unified, threat-centric command console.
Managed Observability: Designed with a unique index-free architecture and advanced compression technology that reduces the amount of hardware needed, CrowdStrike Falcon LogScale is a unified log management and observability solution. It allows organizations to analyze, store, and retain log data at scale, giving them insights that can be used for various security and non-security purposes.
Kevin (KayVon) Nejad, Vijilan's CEO, said, "With CrowdStrike, we are delivering better-together security solutions to businesses of any size and a last line of defense when hackers have already passed through the organization's security appliances and tools." He also added, "Vijilan complements CrowdStrike's EDR capabilities through cross correlation of telemetry data from networks, devices, users, applications and data used by most MSPs and MSSPs."
(Source – Cision PR Newswire)
About Vijilan Security
Founded in 2014, Vijilan is a U.S.-based LLC specialized in cybersecurity threat management. With more than 20 years of experience monitoring security, Vijilan has mastered the art of finding threats and incident response. Partners of Vijilan include Managed Security Service Providers (MSSPs) and Managed Service Providers (MSPs) that deliver managed IT services to industries like banking, education, healthcare, government and manufacturing. They rely on security solutions and security experts from Vijilan to deliver managed extended Detection and Response (mXDR) for its customers in the United States, the middle east, Asia-Pacific, and Europe.
Read More